SQL Injection

SQL Injection is simply a term describing the act of passing SQL code into an application that was not intended by the developer. In fact, many of the problems that allow SQL injection are not the fault of the database server per se but rather are due to poor input validation and coding at other code layers.


Comments

Author: Rajaram   10 Jun 2008   Member Level: Silver   Points : 2

SQL Injection is a threat which explores the holes in the application revealing the internals of the database. This also gives control of the database to the hacker.

Author: Kapil Dhawan   11 Jun 2008   Member Level: Gold   Points : 0

good

Author: Kumar Velu   11 Jun 2008   Member Level: Gold   Points : 2

SQL Injection is a threat which explores the holes in the application revealing the internals of the database. This also gives control of the database to the hacker.

It's also accepted.

Author: Kumar Velu   12 Jun 2008   Member Level: Gold   Points : 2

It is a trick to inject a SQL query/command as an input, possibly via web pages. Many web pages take parameters from the web user and make a SQL query to the database. Take for instance when a user logs in: the web page takes that user name and password and makes a SQL query to the database to check if the user has a valid name and password. With SQL Injection, it is possible for us to send a crafted user name and/or password field that will change the SQL query and thus grant us something else.

Solution to Avoid sql injection:

1) Use parameters with stored procedures.
2) Use parameters with dynamic SQL.
3) Avoid the use of dynamically generated SQL in your code.

Author: ketan Italiya   27 Aug 2013   Member Level: Gold   Points : 4

SQL Injection: What is it?

SQL Injection is one of the many web attack mechanisms used by hackers to steal data from organizations. It is perhaps one of the most common application layer attack techniques used today. It is the type of attack that takes advantage of improper coding of your web applications that allows a hacker to inject SQL commands into, say, a login form to gain access to the data held within your database.

In essence, SQL Injection arises because the fields available for user input allow SQL statements to pass through and query the database directly.

SQL Injection: An In-depth Explanation

Web applications allow legitimate website visitors to submit and retrieve data to/from a database over the Internet using their preferred web browser. Databases are central to modern websites – they store data needed for websites to deliver specific content to visitors and render information to customers, suppliers, employees and a host of stakeholders. User credentials, financial and payment information, company statistics may all be resident within a database and accessed by legitimate users through off-the-shelf and custom web applications. Web applications and databases allow you to regularly run your business.

SQL Injection is the hacking technique which attempts to pass SQL commands (statements) through a web application for execution by the backend database. If not sanitized properly, web applications may result in SQL Injection attacks that allow hackers to view information from the database and/or even wipe it out.

Such features as login pages, support and product request forms, feedback forms, search pages, shopping carts and the general delivery of dynamic content, shape modern websites and provide businesses with the means necessary to communicate with prospects and customers. These website features are all examples of web applications which may be either purchased off-the-shelf or developed as bespoke programs.

These website features are all susceptible to SQL Injection attacks which arise because the fields available for user input allow SQL statements to pass through and query the database directly.

SQL Injection: A Simple Example

Take a simple login page where a legitimate user would enter his username and password combination to enter a secure area to view his personal details or upload his comments in a forum.

When the legitimate user submits his details, an SQL query is generated from these details and submitted to the database for verification. If valid, the user is allowed access. In other words, the web application that controls the login page will communicate with the database through a series of planned commands so as to verify the username and password combination. On verification, the legitimate user is granted appropriate access.

Through SQL Injection, the hacker may input specifically crafted SQL commands with the intent of bypassing the login form barrier and seeing what lies behind it. This is only possible if the inputs are not properly sanitised (i.e., made invulnerable) and sent directly with the SQL query to the database. SQL Injection vulnerabilities provide the means for a hacker to communicate directly to the database.

The technologies vulnerable to this attack are dynamic script languages including ASP, ASP.NET, PHP, JSP, and CGI. All an attacker needs to perform an SQL Injection hacking attack is a web browser, knowledge of SQL queries and creative guess work to important table and field names. The sheer simplicity of SQL Injection has fuelled its popularity.

Author: Rakesh Chaubey   27 Aug 2013   Member Level: Gold   Points : 4

SQL injection is like injecting a DB query from the front end, like manipulation. There are several websites which give you some vulnerable websites where you can inject your query and play with the web application. Or, in short, I would say you can destroy the whole DB. But now things have changed; SQL injection is a little less in use. Nowadays we have more server-side attacks, like sync attack and brute force attack. Supposing a TCP/IP network: sniffing details from the domain name and info about the client, and then processing the attack. Injection days are gone. But still so many websites still exist... I have a small list of those... I used to do injection long back... I can't share here. If needed, mail me in personal.

*This information and the website contents that you want me to share are purely for education and research purposes. Don't try to harm or destroy. All is on your own after that, hence I have no involvement and responsibility in that. Before you show interest in mailing, read this.*

Author: Arun Kambhammettu   27 Aug 2013   Member Level: Gold   Points : 8

SQL injection is a code injection technique, used to attack data driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).[1] SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.

SQL injection attack (SQLIA) is considered one of the top 10 web application vulnerabilities of 2007 and 2010 by the Open Web Application Security Project.[3] In 2013, SQLIA was rated the number one attack on the OWASP top ten.[4] The attacking vector contains five main sub-classes depending on the technical aspects of the attack's deployment:
  • Classic SQLIA
  • Inference SQL injection
  • Interacting with SQL injection
  • Database management system-specific SQLIA
  • Compounded SQLIA
      • SQL injection + insufficient authentication[5]
      • SQL injection + DDoS attacks[6]
      • SQL injection + DNS hijacking[7]
      • SQL injection + XSS[8]
      • SQL injection + Filter bypass + Havij + Backtrack R6

Technical Implementation:

This form of SQL injection occurs when user input is not filtered for escape characters and is then passed into a SQL statement. This results in the potential manipulation of the statements performed on the database by the end-user of the application.
The following line of code illustrates this vulnerability:
statement = "SELECT * FROM users WHERE name = '" + userName + "';"
This SQL code is designed to pull up the records of the specified username from its table of users. However, if the "userName" variable is crafted in a specific way by a malicious user, the SQL statement may do more than the code author intended. For example, setting the "userName" variable as:
' or '1'='1
or using comments to even block the rest of the query (there are three types of SQL comments):[11]
' or '1'='1' -- '
' or '1'='1' ({ '
' or '1'='1' /* '
renders one of the following SQL statements by the parent language:
SELECT * FROM users WHERE name = '' OR '1'='1';
SELECT * FROM users WHERE name = '' OR '1'='1' -- ';

If this code were to be used in an authentication procedure then this example could be used to force the selection of a valid username because the evaluation of '1'='1' is always true.
The following value of "userName" in the statement below would cause the deletion of the "users" table as well as the selection of all data from the "userinfo" table (in essence revealing the information of every user), using an API that allows multiple statements:
a';DROP TABLE users; SELECT * FROM userinfo WHERE 't' = 't
This input renders the final SQL statement as follows and specified:
SELECT * FROM users WHERE name = 'a';DROP TABLE users; SELECT * FROM userinfo WHERE 't' = 't';
While most SQL server implementations allow multiple statements to be executed with one call in this way, some SQL APIs such as PHP's mysql_query(); function do not allow this for security reasons. This prevents attackers from injecting entirely separate queries, but doesn't stop them from modifying queries.

There is much more information in many hacking communities.

Author: Phagu Mahato   29 Aug 2013   Member Level: Gold   Points : 4

SQL injection is a code injection technique that exploits a security vulnerability. You can use the given code to protect against SQL injection:
// Requires: using System.Data.SqlClient;
// HASHBYTES('SHA1', ...) is an assumed reading; the posted text had Yourpassword('SHASHA1', ...).
using (SqlCommand YourCommand = new SqlCommand(
    "SELECT * FROM USERS WHERE USERNAME=@username AND " +
    "PASSWORD=HASHBYTES('SHA1', @password)", YourConnection))
{
    // Values are bound as parameters, never concatenated into the SQL text.
    YourCommand.Parameters.AddWithValue("@username", username);
    YourCommand.Parameters.AddWithValue("@password", password);
    YourConnection.Open();
    SqlDataReader myReader = YourCommand.ExecuteReader();
}
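
The concatenated statement quoted in the comments above and the parameterized form recommended in their place, side by side. This is an added example, not code from any commenter: it uses Python's sqlite3 with a constructed in-memory users table, and the function names and sample rows are assumptions.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password_hash TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "hash-a"), ("bob", "hash-b"), ("O'Brien", "hash-c")],
    )
    return db

def lookup_concatenated(db, user_name):
    """The pattern quoted in the thread: input becomes part of the SQL text."""
    statement = "SELECT * FROM users WHERE name = '" + user_name + "';"
    return db.execute(statement).fetchall()

def lookup_parameterized(db, user_name):
    """Input is bound as a value; the SQL text never changes."""
    return db.execute(
        "SELECT * FROM users WHERE name = ?", (user_name,)
    ).fetchall()

def outcome(func, db, user_name):
    """Return the row count, or the exception class name if the call fails."""
    try:
        return len(func(db, user_name))
    except (sqlite3.Error, sqlite3.Warning) as exc:
        return type(exc).__name__

def compare(user_name):
    """Run one input through both lookups against a fresh database."""
    db = make_db()
    result = {
        "concatenated": outcome(lookup_concatenated, db, user_name),
        "parameterized": outcome(lookup_parameterized, db, user_name),
    }
    # Count tables afterwards to confirm nothing was dropped.
    result["tables_left"] = db.execute(
        "SELECT count(*) FROM sqlite_master WHERE type = 'table'"
    ).fetchone()[0]
    return result

if __name__ == "__main__":
    for value in ["alice", "O'Brien", "' or '1'='1",
                  "a';DROP TABLE users; SELECT * FROM userinfo WHERE 't' = 't"]:
        print(repr(value), compare(value))
```

sqlite3's execute() refuses text containing more than one statement, much like the single-statement APIs mentioned above, yet the OR-based input still rewrites the concatenated query and returns every row. The legitimate name O'Brien breaks the concatenated version and works with the bound parameter.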


